Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/d3BGyecj5qVhUVRWevfaABv-Uuw.roa
File:                     d3BGyecj5qVhUVRWevfaABv-Uuw.roa (raw, json)
Hash identifier:          b5MSPQcKaKZAiJkbL96Emo9iQgUOVRSUJLxBRLacP1k=
Subject key identifier:   77:70:46:C9:E7:23:E6:A5:61:51:54:56:7A:F7:DA:00:1B:FE:52:EC
Certificate issuer:       /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial:       018DD56823FBFAF15EA07F44AAF49B1331FD
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/d3BGyecj5qVhUVRWevfaABv-Uuw.roa
Signing time:             Fri 23 Feb 2024 09:59:48 +0000
ROA not before:           Fri 23 Feb 2024 09:59:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        88.80.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 25 Feb 2024 09:43:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:d5:68:23:fb:fa:f1:5e:a0:7f:44:aa:f4:9b:13:31:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
        Validity
            Not Before: Feb 23 09:59:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=777046c9e723e6a5615154567af7da001bfe52ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:14:3c:d8:bf:37:bf:e8:de:8b:32:85:98:eb:
                    6b:7b:49:32:f8:a3:f4:4f:a8:96:db:6f:a7:86:62:
                    7c:92:a4:3f:50:76:cd:8b:56:9f:68:c7:e4:12:d2:
                    6a:1b:85:82:a7:27:83:9c:c7:e3:7f:19:4b:09:66:
                    85:7a:5b:8a:54:c1:22:be:80:36:dc:32:62:2f:9b:
                    1f:09:87:18:70:2f:37:57:7b:b4:46:fa:56:57:9b:
                    25:40:b0:a0:7b:1f:12:f4:bf:34:a0:da:42:c1:d6:
                    2b:15:dc:a1:67:dd:bc:12:b8:49:8a:9c:e6:6a:49:
                    9f:02:1a:fa:02:fb:fe:e7:48:3b:04:98:7c:f4:d8:
                    a7:f4:f0:2e:1c:13:f2:0a:82:4f:88:d9:f7:f8:d1:
                    22:02:a6:eb:d7:cc:b0:6e:96:ec:e9:d1:93:8e:02:
                    94:6b:e7:b9:1f:59:24:db:08:74:27:47:5d:f8:6f:
                    96:4f:20:24:b4:0d:7c:b9:07:84:d8:8a:7e:27:67:
                    da:7e:12:16:1c:0c:3a:c9:8b:4c:6d:e2:33:f8:9d:
                    72:15:c4:33:54:85:29:ac:5a:14:45:75:64:89:da:
                    76:a7:af:75:3a:a9:57:24:1b:cf:ad:91:04:a1:b4:
                    ab:0f:77:93:0b:59:59:e3:b5:c0:05:27:a1:3f:f8:
                    a2:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:70:46:C9:E7:23:E6:A5:61:51:54:56:7A:F7:DA:00:1B:FE:52:EC
            X509v3 Authority Key Identifier:
                keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/d3BGyecj5qVhUVRWevfaABv-Uuw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.80.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:b4:f1:a0:66:c9:71:5b:c7:82:ed:c9:4b:18:b6:e2:63:cd:
         6b:48:0c:37:d3:3d:b9:20:09:04:8f:1c:53:96:90:48:e6:a2:
         45:0e:99:b3:f5:80:1b:13:a6:08:2e:ef:b4:8f:24:8a:b9:f8:
         93:06:f6:02:4a:ed:e6:b2:17:32:d3:69:84:6e:64:22:f3:f8:
         b3:9a:18:10:2d:70:50:c8:03:c5:8c:2c:f0:b8:ab:9b:d9:49:
         c4:69:9c:0b:80:93:29:6e:ee:ad:72:55:ab:94:ad:e7:34:28:
         13:42:20:e7:48:60:95:43:0e:1b:9b:fa:cc:ba:93:51:51:50:
         68:06:c8:c4:17:19:5f:e2:4d:2f:66:7a:3f:f0:2c:aa:71:d9:
         82:24:a9:74:ba:6d:c5:ba:08:81:a8:c8:8e:cc:84:2c:6b:60:
         ac:76:d7:1d:ce:31:3c:c0:e4:f9:f2:45:d4:03:70:1b:f6:91:
         48:7e:06:8f:ac:e9:3c:bf:a0:84:21:a8:57:2a:3c:46:64:f8:
         d2:bc:bc:f7:b8:0b:91:55:13:1b:15:37:7a:86:80:48:a2:fe:
         5f:b1:0c:42:26:41:aa:e9:3e:d5:3b:ea:0e:0e:e2:1e:c6:7c:
         62:1f:50:dc:30:80:47:76:df:1b:c1:f9:8a:33:59:74:34:1e:
         c5:e5:0e:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3VaCP7+vFeoH9EqvSbEzH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwMjIzMDk1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzcwNDZjOWU3MjNlNmE1NjE1MTU0NTY3YWY3ZGEwMDFiZmU1MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBQ82L83v+jeizKFmOtre0ky+KP0
T6iW22+nhmJ8kqQ/UHbNi1afaMfkEtJqG4WCpyeDnMfjfxlLCWaFeluKVMEivoA2
3DJiL5sfCYcYcC83V3u0RvpWV5slQLCgex8S9L80oNpCwdYrFdyhZ928ErhJipzm
akmfAhr6Avv+50g7BJh89Nin9PAuHBPyCoJPiNn3+NEiAqbr18ywbpbs6dGTjgKU
a+e5H1kk2wh0J0dd+G+WTyAktA18uQeE2Ip+J2fafhIWHAw6yYtMbeIz+J1yFcQz
VIUprFoURXVkidp2p691OqlXJBvPrZEEobSrD3eTC1lZ47XABSehP/ii+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdwRsnnI+alYVFUVnr32gAb/lLsMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvZDNCR3llY2o1cVZoVVZSV2V2ZmFBQnYtVXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCKMA0G
CSqGSIb3DQEBCwUAA4IBAQAvtPGgZslxW8eC7clLGLbiY81rSAw30z25IAkEjxxT
lpBI5qJFDpmz9YAbE6YILu+0jySKufiTBvYCSu3mshcy02mEbmQi8/izmhgQLXBQ
yAPFjCzwuKub2UnEaZwLgJMpbu6tclWrlK3nNCgTQiDnSGCVQw4bm/rMupNRUVBo
BsjEFxlf4k0vZno/8CyqcdmCJKl0um3FugiBqMiOzIQsa2CsdtcdzjE8wOT58kXU
A3Ab9pFIfgaPrOk8v6CEIahXKjxGZPjSvLz3uAuRVRMbFTd6hoBIov5fsQxCJkGq
6T7VO+oODuIexnxiH1DcMIBHdt8bwfmKM1l0NB7F5Q6u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:13 2024 by rpki-client on console-fra.rpki-client.org